CVE-2025-43553 – Substance3D Modeler Uncontrolled Search Path Element Vulnerability

May 13, 2025

CVE ID : CVE-2025-43553

Published : May 13, 2025, 9:16 p.m. | 3 hours, 7 minutes ago

Description : Substance3D – Modeler versions 1.21.0 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. If the application relies on a search path to locate critical resources such as libraries or executables, an attacker could manipulate the search path to load a malicious resource, potentially executing arbitrary code. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43562 – ColdFusion OS Command Injection

Next Article CVE-2025-43563 – Adobe ColdFusion File System Read Improper Access Control

Highlights

CVE-2025-30011 – SAP SRM Java Applet Information Disclosure

May 13, 2025

CVE ID : CVE-2025-30011

Published : May 13, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected system. This vulnerability has low impact on confidentiality, with no effect on integrity and availability of the application.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

Google’s coding agent Jules gets critique functionality

The best smartphones without AI features in 2025: Expert tested and recommended

GPT-5 was supposed to simplify ChatGPT but now it has 4 new modes – here’s why

Gemini just got two of ChatGPT’s best features – and they’re free

The HP OmniBook 5 laptop offers 34 hours of battery life – and it’s 60% off today only

Laravel Boost is released

Laravel Boost is released

Frontend Standards for Optimizely Configured Commerce: Clean & Scalable Web Best Practices

Live Agent Escalation in Copilot Studio Using D365 Omnichannel – Architecture and Use Case

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

OpenAI’s Sam Altman: GPT-5 fails to meet AGI standards amid Microsoft’s fading partnership — “it’s still missing something”

You Think You Need a Monster PC to Run Local AI, Don’t You? — My Seven-Year-Old Mid-range Laptop Says Otherwise

8 Registry Tweaks that will Make File Explorer Faster and Easier to Use on Windows 11

CVE-2025-43553 – Substance3D Modeler Uncontrolled Search Path Element Vulnerability

How the always-on generation can level up its cybersecurity game

Supply-chain dependencies: Check your resilience blind spot

Rilasciato Fastfetch 2.41: Tutte le novità del tool per mostrare le informazioni dei sistemi GNU/Linux

Ubisoft still doesn’t get it, greenlights yet another “battle royale” shooter, according to reports

Fortifying Debian With SELinux by Enforcing Mandatory Access Control for Ultimate System Security

Clean Up Your Code with the whenHas Method

CVE-2025-30011 – SAP SRM Java Applet Information Disclosure

CVE-2025-38158 – Hisi Acc VFio PCI DMA Address Error Vulnerability

Microsoft celebrates 50th anniversary with a new Xbox Dynamic Background and more

CVE-2025-52842 – Laundry Cross-site Scripting (XSS)

CVE-2025-43553 – Substance3D Modeler Uncontrolled Search Path Element Vulnerability

Related Posts